159-CVE January Patch Tuesday smashes single-month record
Brace yourselves… and consider reading your email in plaintext for now
CISA says two recently disclosed path traversal vulnerabilities in the Mitel MiCollab collaboration platform have been exploited in attacks. The post CISA Warns of Mitel MiCollab Vulnerabilities Exploited in Attacks appeared first on SecurityWeek.
Old-fashioned breaches still exist. Amanda Keenan reports: Health board chiefs have launched a major investigation after brazen thieves stole NHS laptops containing confidential patient data. Around 20 staff devices were snatched from an office block within the Queen Elizabeth University Hospital in Govan. Greater Glasgow and Clyde health board bosses have been forced to fork out £14,000 to…
Web infrastructure and security company Cloudflare on Tuesday said it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date. The UDP protocol-based attack took place on October 29, 2024, targeting one of its customers, an unnamed internet service provider (ISP) from Eastern…
Sean Lyngaas of CNN reports: Suspected Chinese government-backed hackers have breached computer systems of U.S. law firm Williams & Connolly, which has represented some of America’s most powerful politicians, as part of a larger spying campaign against multiple law firms, according to a letter the firm sent clients and a source familiar with the hack…
Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass authentication and gain administrative access to susceptible systems. The vulnerability, tracked as CVE-2025-37103, carries a CVSS score of 9.8 out of a maximum of 10.0. “Hard-coded login credentials were found…
Microsoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for Business web browser. The native data security control is designed to prevent employees from sharing sensitive company-related data into consumer generative artificial intelligence (GenAI) apps like OpenAI ChatGPT, Google Gemini, and DeepSeek. The list will be expanded over time…